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- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 
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DETAILED ACTION 

CLAIMS PRESENTED 

Claims 1-6 are presented. 

RESPONSE TO ARGUMENTS 

Applicant's arguments filed 2/28/07 have been fully considered but they are not persuasive. 
Applicant argues: 

I. The '590 reference fails to disclose a communication control apparatus that includes storing means for 
storing firewall configuration information suitable for a mobile station, in correspondence with identification 
information that identifies the mobile station among a plurality of mobile stations. In relation to this 
argument, applicant further argues that the 590 reference is directed to the use of a single computing 
device in both a home network and a foreign network, thus it does not disclose identification information 
that identifies the mobile station among a plurality of mobile stations. 

In response to I, examiner has fully considered applicant's arguments and contends that they are 
not persuasive for the following reasons. In paragraph 2 of the 590 reference, Syvanne teaches 
that a firewall can be a router, a personal computer, or any other device that operates at the 
same time as a connector and a separator between networks. In paragraph 3, Syvanne further 
teaches that a personal firewall may be implemented as software installed on the computer or as 
a separate electronic device connected to the computer device. Referring to figure 4 of the 590 
reference, it can be seen that the IP address is used to identify the mobile station. Piecing these 
citations together, it is clear that the firewall, which can take the form of a router, stores firewall 
configuration information in correspondence to the IP address of the mobile unit, the IP address 
analogous to the claimed identification information. The IP address is identification information 
which is unique to only one mobile station in the network and thus clearly serves as an identifier 
distinct from other identifiers belonging to other mobile stations in the network. It is clear that a 
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network is capable of having more than one mobile station connecting to it, each mobile station 
having a corresponding IP address. 

II. The '590 reference fails to disclose a communication control apparatus that includes detecting means 
for detecting an external firewall device connected to the mobile station by receiving information for 
notifying movement of the mobile station via the external firewall device. In relation to this argument, 
applicant further argues that the personal firewall device disclosed by the reference is not external and is 
located within the computer terminal. 

In response to II, examiner contends that the cited location verification procedure taught by the 
590 reference is analogous the detecting an external firewall device connected to the mobile 
station. By determining the current location of the computer and comparing it to a predetermined 
or previous location, it is clear that movement of the mobile station has occurred if the location is 
different. Furthermore, as cited above, the personal firewall does not necessarily have to be 
located within the computer terminal and can be located outside of the computer. 

III. The '590 reference fails to disclose transmitting means for, in response to the detection of the external 
firewall device connected to the mobile station, transmitting the stored firewall configuration information 
corresponding to the identification information of the mobile station to the external device. 

In response to III, see paragraph 13 of the 590 reference wherein Syvanne teaches that security 
rules are defined, updated, and distributed centrally by a centralized rule-based server. The 
reference further teaches the updating process is dependent on the current location of the 
computer device in a similar manner as selection of the active rules. Examiner interprets this to 
be analogous to the claim in that in response to the location of the mobile station, appropriate 
rules are retrieved from the central server to acquire security rules which are analogous to firewall 
configuration information. 

In view of the above responses, examiner contends that applicant's arguments and amendments are not 
persuasive in overcoming the rejections of the previous office action and thus they are maintained. 
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CLAIM REJECTIONS 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-4 are rejected under 35 U.S.C. 102(e) as being anticipated by Syvanne, US 

PGP No. 20030097590. 

As per claims 1 and 3, Syvanne teaches: 

A communication control apparatus for implementing transmission and reception of data to and from a 
plurality of firewall devices connectible to a mobile station, the communication control apparatus 
comprising: 

[see paragraph 10] "A computer device which can be connected to a home network and to a 
foreign network is provided with a local security mechanism, called a personal firewall herein, for 
protecting the computer device from attacks from a foreign network. " 

storing means for storing firewall configuration information suitable for the mobile station, in 

correspondence with identification information of the mobile station; 

[see paragraph 10] "The personal firewall is provided with different sets of security rules, at 
least one set of rules for the home network and at least one set of rules for 
foreign networks." 

detecting means for detecting a firewall device connected to the mobile station; and 

[see paragraph 10] "The personal firewall is arranged to detect its current location, i.e. to 
determine the network to which it is connected at each particular moment. " 
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transmitting means for, in conjunction with the detection of the firewall device connected to the mobile 

station, transmitting the firewall configuration information corresponding to the identification information of 

the mobile station, to the firewall device. 

[see paragraph 10] "The personal firewall activates one of the given sets of security rules 
according to the detected current location of the computer device. " 

As per claim 2 and 4, Syvanne teaches: 

A firewall apparatus for implementing relaying in transmission and reception of data between the 
communication control apparatus as set forth in claim 1 , and a plurality of mobile stations, the firewall 
apparatus comprising: 

retaining means for retaining a filtering condition included in the firewall configuration information, in 

correspondence with identification information of each mobile station; 

[see paragraph 10] "the personal firewall automatically uses the security rules predefined for the 
network to which the computer device is connected at each particular moment " 

distinguishing means for distinguishing a mobile station being a destination of a packet transmitted from 

the communication control apparatus; and 

[see paragraph 1 1] "The current location of the computer device is preferably determined on the 
basis of a currently used IP address of the computer device. " 

determining means for determining the propriety of passage of the packet in accordance with the filtering 

condition corresponding to the mobile station distinguished by the distinguishing means. 

[see paragraph 10] "Upon detecting a change in the location, the personal firewall immediately 
adapts to use security rules predefined for the new location." 

As per claim 5, Syvanne teaches: 

The communication control apparatus of Claim 1, wherein the detecting means comprises: 

means for receiving, from the external firewall device, a binding update packet that indicates that the 

mobile station has moved and is connected to the external firewall device. 

As cited above, the firewall may be a router. The router is capable of informing the mobile station 
of the current IP address. If the IP address is different from a predetermined or previous address then it 
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is clear that the mobile station has moved. If the mobile station has moved to a foreign network, then it is 
connected to an external firewall device. 

As per claim 6, Syvanne teaches: 

The communication control apparatus of claim 1 , wherein the transmitting means comprises: 

means for transmitting the identification information of the mobile station to the external firewall device 

together with the stored firewall configuration information. 

[see paragraphs 45-47] The updated rules are pushed down from the central server to the 
personal firewall in accordance to the mobile station's IP address within the internal network. 

CONCLUSION 

1 . THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth 
in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from 
the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date 
of this final action and the advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on the date the advisory action 
is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later than SIX 
MONTHS from the mailing date of this final action. 

POINTS OF CONTACT 

*. Any response to this Office Action should be faxed to (571) 273-8300 or mailed to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

Hand-delivered responses should be brought to 
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Customer Service Window 
Randolph Building 
401 Dulaney Street 
Alexandria, VA 22314 

*. Any inquiry concerning this communication or earlier communications from the examiner should 

be directed to Daniel L Hoang whose telephone number is 571-270-1019. The examiner can normally 

be reached on Monday - Thursday, 8:00 a.m. - 5:00 p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 

Nasser Moazzami can be reached on 571-272-4195. The fax phone number for the organization where 

this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained 
from either Private PAIR or Public PAIR. Status information for unpublished applications is available 
through Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the 
Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Daniel L. Hoang 
6/4/07 





